5 changes: 5 additions & 0 deletions packages/cef/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "0.6.0"
changes:
- description: Add CEF time zone config option.
type: enhancement
link: https://github.com/elastic/integrations/pull/1723
- version: "0.5.2"
changes:
- description: Convert to generated ECS fields
Expand Up @@ -4,3 +4,4 @@ data_stream:
vars:
paths:
- "{{SERVICE_LOGS_DIR}}/*.log"
decode_cef_timezone: UTC
3 changes: 3 additions & 0 deletions packages/cef/data_stream/log/agent/stream/log.yml.hbs
Expand Up @@ -19,6 +19,9 @@ processors:
- {from: "message", to: "event.original"}
- decode_cef:
field: event.original
{{#if decode_cef_timezone}}
timezone: {{ decode_cef_timezone }}
{{/if}}
{{#if processors}}
{{processors}}
{{/if}}
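Review bot: The added `timezone: {{ decode_cef_timezone }}` renders the variable as an unquoted plain scalar, so an offset of the form the manifest's own description gives as the example (`+0200`) may be resolved by the YAML loader as an integer rather than the string the decode_cef processor reads, and with its leading zero a YAML 1.1 loader can even treat it as octal. Quoting the substitution, `timezone: "{{ decode_cef_timezone }}"`, keeps every accepted value a string, whether it is an IANA name or a numeric offset. The same unquoted line is added in udp.yml.hbs and should be quoted there too. The processors list these lines belong to starts before the hunk.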
3 changes: 3 additions & 0 deletions packages/cef/data_stream/log/agent/stream/udp.yml.hbs
Expand Up @@ -15,6 +15,9 @@ processors:
- {from: "message", to: "event.original"}
- decode_cef:
field: event.original
{{#if decode_cef_timezone}}
timezone: {{ decode_cef_timezone }}
{{/if}}
{{#if processors}}
{{processors}}
{{/if}}
14 changes: 14 additions & 0 deletions packages/cef/data_stream/log/manifest.yml
Expand Up @@ -15,6 +15,13 @@ streams:
show_user: true
default:
- /var/log/cef.log
- name: decode_cef_timezone
type: text
title: CEF Timezone
multi: false
required: false
show_user: false
description: IANA time zone or time offset (e.g. `+0200`) to use when interpreting timestamps without a time zone in the CEF message.
- name: tags
type: text
title: Tags
Expand Down Expand Up @@ -63,6 +70,13 @@ streams:
required: true
show_user: true
default: 9003
- name: decode_cef_timezone
type: text
title: CEF Timezone
multi: false
required: false
show_user: false
description: IANA time zone or time offset (e.g. `+0200`) to use when interpreting timestamps without a time zone in the CEF message.
- name: tags
type: text
title: Tags
4 changes: 2 additions & 2 deletions packages/cef/manifest.yml
@@ -1,6 +1,6 @@
name: cef
title: CEF
version: 0.5.2
version: 0.6.0
release: experimental
description: This Elastic integration collects logs in common event format (CEF)
type: integration
Expand All @@ -10,7 +10,7 @@ categories:
- network
- security
conditions:
kibana.version: ^7.14.0
kibana.version: ^7.16.0
policy_templates:
- name: cef
title: CEF logs